More Than 300K Servers Still Exposed To Heartbleed

(The Hosting News) – Heartbleed isn’t gone just yet, almost three months after the critical bug was found, there are still more than 300,000 systems vulnerable to attacks, VentureBeat reports.

Security researcher Robert Graham of Errata Security notes that 309,197 servers are still at risk, though it has gone down from the 600,000 systems found when Heartbleed was first announced in April.

“This indicates people have stopped even trying to patch. We should see a slow decrease over the next decade as older systems are slowly replaced,” wrote Graham via blog post. “Even a decade from now, though, I still expect to find thousands of systems, including critical ones, still vulnerable.”

Additionally, Graham also stated that he will continue to scan on port 443 next month, again in six months, and then yearly to “track the progress” of the amount of vulnerable websites.

Researchers with Google and security firm Codenomicon first discovered the Heartbleed bug in the OpenSSL software, a free encryption tool used by two-thirds of Internet servers, in early April.